Circuit for restricting data access

ABSTRACT

A privileged data table maintains a list of regions of a memory which contain privileged data. When a data access operation is attempted, a privilege rule enforcer compares the address of the memory being accessed to the list of privileged regions. If the memory address falls within a privileged region, then the memory access operation is blocked unless the instruction accessing the memory has been securely authorized by a code verifier. A privileged instruction table is provided to maintain a list of instructions stored in an instruction list that have been verified. When an instruction is fetched from the instruction list, an instruction privilege identifier compares the instruction with the list of verified instructions, and generates a signal indicating the privilege status of the instruction. Instructions are blocked according to the privilege signal. Only privileged instructions are allowed to modify the privileged data table and the privileged instruction table.

BACKGROUND OF THE INVENTION

1. Field of the Invention

This invention relates to accessing stored data, and in particular, but not limited to, restricting access to stored data in pay television systems.

2. Description of the Related Art

In many electronic systems, access to stored data may need to be restricted. For example, in pay television systems, stored data may be in the form of decrypted broadcast television data or encryption or decryption keys used to encrypt or decrypt television data. Subscribers may gain access rights to pay television broadcast services only by making the appropriate payment to the broadcast service provider. It is important therefore that persons not entitled to those services are prevented from accessing relevant data. In particular, it is important to prevent hackers from modifying the system to enable illegitimate insertion or removal of data such as encryption or decryption keys.

Some prior systems provide processors which generate computer instructions to control data access. However, such systems are vulnerable when hackers intercept and illegitimately replace instructions to allow unauthorized access to restricted data.

We have appreciated the need to restrict access to sensitive data. We have further appreciated the need to identify and block illegitimate instructions which attempt to access sensitive data.

BRIEF SUMMARY OF THE INVENTION

An embodiment of the invention comprises a data memory used to store data, a portion of which may be confidential or privileged. To prevent unauthorized access to privileged data, a privileged data table is provided to maintain a list of those regions of the data memory which contain privileged data. Data access operations are initiated by instructions fetched from an instruction list. When a data access operation is attempted involving a particular region of memory, a privilege rule enforcer compares the address of the memory being accessed to the list of privileged regions stored in the privileged data table. If the memory address falls within a privileged region then the memory access operation is blocked by the privilege rule enforcer unless the instruction accessing the memory is a privileged instruction. An instruction is privileged if it has been securely authorized by a code verifier.

The contents of the privileged data table may be modified by instructions fetched from the instruction list. In order to prevent unauthorized modification of the privileged data table, a privilege table filter is provided to block instructions which attempt to modify the privileged data table but which are not privileged instructions.

To identify privileged instructions, a privileged instruction table is provided to maintain a list of those instructions contained in the instruction list which are privileged. When an instruction is fetched from the instruction list, an instruction privilege identifier compares the instruction being fetched with the list of privileged instructions stored in the privileged instruction table. The instruction privilege identifier then generates a signal indicating the privilege status of the instruction and transmits it to the privilege table filter and privilege rule enforcer, which block instructions according to the signal. In one embodiment, the process of blocking unauthorized memory operations may be performed in accordance with a set of further rules as defined by a rule signal input into the privilege rule enforcer.

Preferably, all components of the system are contained on a single monolithic semiconductor integrated circuit to ensure the security of the system; any component kept off the circuit communicates with it only over an encrypted link, as described below.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

FIG. 1 is a block diagram of a semiconductor circuit embodying theinvention;

FIG. 2 is a flow diagram of the process used to restrict access to thedata memory shown in FIG. 1;

FIG. 3 is a diagram of the process used to authenticate instructions.

DETAILED DESCRIPTION OF THE INVENTION

A system embodying the invention comprises a memory or store 1 for storing data, a portion of which may be confidential and require protection from unauthorized access. Confidential data may be referred to as being privileged, and the term privilege is known to those skilled in the art as meaning ‘rights of access’. An advantage of the invention is to allow both privileged and unprivileged data to exist in the same memory store, which conserves memory and reduces hardware costs. It is important, for systems such as pay television or other secure systems, that the embodying system comprises a monolithic device 2, such as a single semiconductor integrated circuit.

The data memory 1 may be provided by one or more external physical memory devices such as random access memory (RAM), flash memory, or a hard disk drive. Alternatively the memory may be provided by one or more on-chip memories. The portions of memory provided by each memory device may be conveniently thought of as mapping onto a single contiguous linear memory space such that each word of memory has a unique address in the memory space.

The data memory 1 may be used for a variety of purposes during operation of the system. For example, the data memory 1 may be used to store decryption keys for decrypting encrypted television signals, or to store decrypted television data. It is important to ensure that unauthorized access to data memory 1 containing privileged data is prevented. For example, the security of the system may be jeopardized if hackers are able to retrieve secret decryption keys from the data memory 1, or insert illegitimate data into the data memory 1.

To maintain the security of the system, data access to or from the data memory 1 is monitored to ensure that illegitimate instructions which attempt to access confidential data are blocked. Some applications may allow access to some data, while other applications may allow access to different data. For example, application code downloaded from the internet should not be allowed access to a content buffer.

To distinguish between privileged and unprivileged data stored in the data memory 1, a privileged data table 3 is provided which maintains a list of those memory regions of the data memory 1 which contain privileged data. Each contiguous region of memory in the data memory 1 may be defined by a start memory address and an end memory address. The privileged data table 3 stores references to privileged memory regions of the data memory 1 by storing corresponding start and end memory addresses of those regions. For example, a first region of memory ‘R₁’ illustrated in FIG. 1 as a dashed area has start memory address X, and end memory address Y. The privileged data table 3 defines this memory region as privileged by storing the memory addresses X and Y as an associated pair. Any data having an address which falls within the range X to Y is privileged. A second region of memory ‘R₂’ is also illustrated in FIG. 1 as a shaded region having start and end memory addresses A and B respectively. This memory is not privileged and accordingly no corresponding entry exists in the privileged data table 3. It is understood that storing start and end memory addresses in a table is merely one means to define data as privileged, and that other embodiments also fall within the scope of the present invention.

Data memory 1 read or write operations are initiated by a central processing unit (CPU) 5 which fetches suitable computer instructions from an instruction list 7 via communication link 11. The data memory 1 is then accessed via communication link 13. The instruction list 7 comprises a memory arranged to store instructions for use during operation of the system. A privilege rule enforcer 9, for example a window comparator, is provided along communication link 13 between the CPU 5 and the data memory 1 to selectively block access signals transmitted along communication link 13. The privilege rule enforcer 9 receives data stored in the privileged data table 3 at a first input via communication link 15. Each memory operation instruction ‘I’ fetched from the instruction list 7 contains the address ‘Z’ of the memory to which data is to be stored or from which data is to be retrieved.

FIG. 2 is a flow diagram of the process carried out to restrict access to the data memory 1. When a data memory operation is attempted at data access step 51, the CPU 5 transmits the fetched instruction along communication link 13. The privilege rule enforcer 9 intercepts the instruction and compares the memory address Z specified in the instruction to the list of privileged regions stored in the privileged data table 3. The privilege rule enforcer 9 then determines, at data privilege checking step 53, whether the memory address Z falls within at least one region of privileged data defined by the privileged data table 3. If the memory region Z being accessed is not privileged and thus contains only non-confidential data 55, the memory operation is allowed to proceed at proceed step 57. In this case, the data memory 1 receives the instruction, retrieves or stores data according to the instruction, and transmits the data via communication link 17 to a selected destination where appropriate.

If the memory region being accessed is privileged 59 as defined by the privileged data table 3, then the memory operation instruction is blocked by the privilege rule enforcer 9 unless one or more of a number of conditions are satisfied. According to a first condition, a memory operation is allowed to proceed if the instruction performing the operation is privileged. A privileged instruction is one which has been securely authorized by a code verifier by a process described in more detail below. In the preferred embodiment, a second condition is defined so that a memory operation is allowed to proceed only if the operation obeys one or more predetermined selection rules.

For the first condition, the privilege rule enforcer 9 receives a privilege level signal via communication link 19 at a second input indicating the privilege level of an instruction. For example, a privilege level of 1 indicates that the instruction is privileged and has been verified, and a privilege level of 0 indicates that the instruction is not privileged and may be illegitimate. The origin and nature of the privilege level signal shall be described in more detail below. The privilege rule enforcer 9 then determines, at instruction privilege checking step 67, from the status of the privilege level signal, whether the instruction I is privileged or not. If the instruction is privileged 61 then the privilege rule enforcer 9 allows the data operation to proceed, at proceed step 57. If the instruction is not privileged 73, then one or more further conditions may need to be satisfied before the memory operation is allowed to proceed.

For the second condition, the privilege rule enforcer 9 receives a rule signal via communication link 20 at a third input which defines a number of rules which determine the allowability of various data access operations. The rule signal is generated by a rule table 22 which comprises a lookup table containing a plurality of predetermined data access rules. The interpretation of rules may be performed by either hardware or software. For example, a rule may be defined so that access to the data memory 1 is only allowed if the instruction contains a specified secret key. Note that a key embedded in an instruction is visible to anyone able to read the instruction list 7, so such a rule offers little protection unless the key itself is held in privileged memory or ROM. The privilege rule enforcer 9 then determines, at rule checking step 69, if the data access operation conforms to the rules defined in the rule table 22. If the rules are obeyed 63 then the memory access operation is allowed to proceed, at proceed step 57. If the rules are broken 71 then the memory access operation is blocked, at blocking step 65.

It can be seen that the privilege rule enforcer 9 acts to restrict access to the data memory 1 depending on whether the data being accessed is privileged, whether the instruction attempting the access is privileged, and whether the data access is allowed by one or more rules. It is understood that data access may be allowed if only one condition is satisfied, as in the embodiment described above, or only if several conditions are satisfied in combination, or only if all conditions are satisfied.

During operation of the system, it may be necessary to dynamically allocate and release various portions of the data memory 1. It is therefore preferable that the privileged data table 3 is dynamically updated to reflect changes in privileged regions of the data memory 1. The list of privileged memory regions stored in the privileged data table 3 may be modified by suitable instructions fetched from the instruction list 7 by the CPU 5 via communication link 11. The instructions are transmitted via communication link 21 to the privileged data table 3 where entries may be added, removed, or modified according to the instruction. It is important to prevent hackers from feeding illegitimate instructions to the privileged data table 3 to modify the list of privileged regions, thereby allowing unauthorized access to the data memory 1. For example, a hacker may attempt to circumvent security by inserting instructions into the instruction list 7.

To maintain the security of the system, instructions which attempt to modify the contents of the privileged data table 3 are blocked unless they are privileged. A privilege table filter 23 is provided along communication link 21 between the CPU 5 and the privileged data table 3 to selectively block instructions transmitted along communication link 21. The privilege table filter 23 receives a privilege level signal via communication link 19 at a first input indicating the privilege level of each instruction, and intercepts and blocks an instruction if the privilege level signal indicates that the instruction is not privileged. The privilege level signal input into the privilege table filter 23 is of a similar nature to the privilege level signal of the second input of the privilege rule enforcer 9. In one embodiment, the privilege table filter 23 selectively blocks instructions in accordance with a set of selection rules in a similar manner to that of the privilege rule enforcer 9. In this case the privilege table filter 23 receives a rule signal at a second input generated by the rule table 22.

The process by which instructions are identified as privileged and by which the privilege level signals are generated will now be described. The instruction list 7 is arranged to store computer code and other instructions for use during operation of the system. In particular, the instruction list 7 includes instructions which allow access to the data memory 1, and allow modification of the privileged data table 3 and the privileged instruction table 25. A hacker may attempt to gain unauthorized access to the data memory 1 by storing illegitimate instructions in the instruction list 7. To distinguish between privileged and unprivileged instructions, a privileged instruction table 25 is provided to store references to those instructions stored in the instruction list 7 which are privileged. Each instruction stored in the instruction list 7 has a unique memory address which may be referenced by an instruction pointer. The privileged instruction table 25 stores a list of instruction pointers referencing those instructions which are privileged.

When the CPU 5 fetches an instruction from the instruction list 7, the appropriate instruction pointer is transmitted along communication link 11 to the instruction list 7, allowing the instruction to be retrieved and transmitted back to the CPU 5. Additionally, the instruction pointer of the instruction being fetched is also transmitted along communication link 31 to an instruction privilege identifier 27. The instruction privilege identifier 27, for example a window comparator, receives the instruction pointer transmitted by the CPU 5 and compares it to the list of pointers stored in the privileged instruction table 25. The instruction privilege identifier 27 receives data stored in the privileged instruction table 25 via communication link 29. The instruction privilege identifier 27 attempts to find a matching entry in the privileged instruction table 25 to determine if the instruction is privileged. A privilege level signal is then generated by the instruction privilege identifier 27 to indicate the privilege status of the instruction. The privilege level signal is transmitted via communication link 19 to the privilege table filter 23 and the privilege rule enforcer 9 where the signal is used to selectively block instructions by the process described above.

It is understood that a portion of program code containing a plurality of privileged instructions may be defined as privileged in a similar manner as for individual instructions. If an entire contiguous block of code is privileged, then the privileged instruction table 25 may alternatively store the start and end memory addresses of the region of memory of the instruction list 7 containing the code block in a similar manner to that of the privileged data table 3. In this case, a privilege level signal is generated when a portion of code is retrieved from the instruction list 7. Defining blocks of code as privileged rather than individual instructions increases the efficiency of the system. Because privilege is then determined from the instruction pointer alone, the design relies on a privileged block having no entry points other than the intended ones; a jump into the middle of a privileged block from unprivileged code would otherwise execute with that block's privilege.

In one embodiment, the privilege level signal may correspond to the level of verification which has been performed on each instruction, so that an instruction may be assigned one of many privilege levels. For example, computer instructions stored in read only memory (ROM) may be assigned the highest privilege level. Instructions which are stored in RAM, but which have been securely verified, may be assigned a lower privilege level. Instructions which are stored in RAM and which have not been verified may be assigned the lowest privilege level, for example zero.

The privilege level may also restrict access to only particular subsets of data. For example a high privilege level may allow access to all data, while a lower privilege level may only allow access to a portion of the privileged data. The lowest privilege level will allow access to unprivileged data only. Each portion of data is assigned a privilege level which indicates the privilege level threshold required to access that particular data. The privilege level signal may also contain timeout information which restricts the amount of time a particular memory operation is allowed to last before being terminated, for example 10 minutes.

A privilege level may be defined separately for read and write operations. For example, particular instructions may only write data if the ‘write’ privilege level of those instructions is above a first threshold. Similarly, particular instructions may only read data if the ‘read’ privilege level of those instructions is above a second threshold. The first and second thresholds for read and write operations may be different, so that, for example, particular instructions may be authorized to read all data within the system, but may not be authorized to write data to any parts of the system.

In all cases, the rule signal 20 may be used to interpret the privilege level signal. For example, a rule may be defined so that, initially, only instructions stored in ROM have full access to all data, and other instructions have reduced access, such as read-only access.
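The decision path of FIG. 2, generalized to the privilege levels and separate read and write thresholds of the preceding paragraphs, as an added software model; this is example code written for this page, not the patent's circuit, and every class, constant and rule name in it is hypothetical. It models the privileged data table 3 as a list of start/end regions, the privilege level signal on link 19 as a small integer, and the rule table 22 as a list of predicate functions; the sample key is constructed for the example.

```python
"""Model of the FIG. 2 decision made by the privilege rule enforcer 9, with the
privilege levels and separate read/write thresholds described in the text.
Added example, not the patent's circuit; all names are hypothetical."""
from dataclasses import dataclass
from typing import Callable, List, Optional

# Privilege levels as in the text: 0 = unverified, 1 = verified RAM code, 2 = ROM code.
UNVERIFIED, VERIFIED, ROM = 0, 1, 2


@dataclass(frozen=True)
class Region:
    """One entry of the privileged data table 3: inclusive start/end address and the
    minimum instruction privilege level needed to read or to write the region."""
    start: int
    end: int
    read_level: int = VERIFIED
    write_level: int = VERIFIED


@dataclass(frozen=True)
class MemoryOp:
    """A data access as seen on link 13, plus the privilege level signal from link 19."""
    address: int
    kind: str                     # "read" or "write"
    instr_level: int              # privilege level of the instruction issuing the access
    key: Optional[bytes] = None   # key carried by the instruction, if any (rule checks)


class PrivilegedDataTable:
    def __init__(self) -> None:
        self._regions: List[Region] = []

    def add(self, region: Region) -> None:
        if region.start > region.end:
            raise ValueError("region end precedes start")
        self._regions.append(region)

    def remove(self, region: Region) -> None:
        self._regions.remove(region)

    def lookup(self, address: int) -> Optional[Region]:
        """Window-comparator step 53: the address is privileged if it lies inside at
        least one region. With overlapping entries the most restrictive one wins."""
        hits = [r for r in self._regions if r.start <= address <= r.end]
        if not hits:
            return None
        return max(hits, key=lambda r: (r.read_level, r.write_level))


# A rule from rule table 22: returns True if the operation obeys the rule.
Rule = Callable[[MemoryOp, Region], bool]

# Constructed example key for the "instruction contains a specified secret key" rule.
RULE_KEY = b"\x13\x37\xc0\xde"


def key_rule(op: MemoryOp, region: Region) -> bool:
    return op.key == RULE_KEY


def read_only_rule(op: MemoryOp, region: Region) -> bool:
    """Non-ROM code gets at most read-only access to privileged data (the rule
    signal example: only ROM instructions have full access)."""
    return op.kind == "read" or op.instr_level == ROM


class PrivilegeRuleEnforcer:
    def __init__(self, table: PrivilegedDataTable, rules: List[Rule]) -> None:
        self.table = table
        self.rules = rules

    def allow(self, op: MemoryOp) -> bool:
        if op.kind not in ("read", "write"):
            raise ValueError("unknown operation")
        region = self.table.lookup(op.address)
        if region is None:
            return True                        # steps 55/57: unprivileged data
        needed = region.read_level if op.kind == "read" else region.write_level
        if op.instr_level >= needed:
            return True                        # steps 61/57: instruction privileged enough
        # Steps 69/63/65: fall back to the rule table. Deny by default: with no
        # rules loaded, an unprivileged access to privileged data is always blocked.
        return bool(self.rules) and all(rule(op, region) for rule in self.rules)
```

The table lookup takes the most restrictive overlapping region and the rule stage denies when the rule table is empty; both are choices made here so that a misconfigured table fails closed rather than open, which the text leaves unspecified.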

The process by which instructions are verified and assigned a privileged status will now be described. A code verifier 33 is provided to authenticate instructions stored in the instruction list 7 and to modify the contents of the privileged instruction table 25 accordingly. The code verifier 33 may be for example a hardware based signature verifier, or a dedicated CPU. To verify the contents of the instruction list 7, a code signature 39 is stored in association with each portion of code 35 stored in the instruction list 7. A portion of code 35 may comprise one or more instructions, possibly several kilobytes in size.

FIG. 3 is a diagram of the process used to authenticate the contents of the instruction list 7 in which arrows represent one way transformations. A code signature 39 is computed from a portion of code 35 by a sequence of two transformations. A hash value 41 of the code portion 35 is first computed using any suitable hash algorithm 43, for example MD5. A hash is a transformation which takes a variable size input, in this case the code portion 35, and outputs a string of fixed length that is the hash value 41. The hash transform 43 is a one way function such that it is computationally infeasible to find an input which generates a specified output hash value. The hash transform 43 also has the property that it is computationally infeasible to find two distinct inputs which generate identical output hash values. (MD5 no longer has this second property: practical collisions are known, so a current implementation should use a hash such as SHA-256.) The hash value 41 is then signed with a secret key 45, which for RSA amounts to ‘encrypting’ the hash under the private key, to generate a code signature 39. The security of the system relies on the confidentiality of the secret key and on the collision resistance of the hash.

To verify a portion of code 35 stored in the instruction list 7, the code verifier 33 computes a first hash value 41 from the code portion 35 using the specified hash algorithm 43, and computes a second hash value 48 by decrypting the code signature 39 using a public key 47. The code portion 35 is defined as privileged if a predetermined relationship exists between the first and second computed hash values 41, 48, for example if the two hash values 41, 48 are identical as determined in a comparator or compare routine 49.

Initially, the instruction list 7 and privileged instruction table 25 are both empty. When a code portion 35 is stored in the instruction list 7, the corresponding signature 39, computed by the holder of the secret key 45, is stored in association with the code portion 35. In one embodiment, code 35 is loaded from a ROM portion of memory into the instruction list 7 upon initialization of the system. The code verifier 33 retrieves the code portion 35 and its associated signature 39 from the instruction list 7 and attempts to verify the code portion 35 using the signature 39. If the verification is successful, the code verifier 33 transmits a signal to instruct the privileged instruction table 25 to create a new reference to the verified code portion 35. The code portion 35 is then defined as privileged by virtue of the newly created entry in the privileged instruction table 25. If the verification is unsuccessful, then no entry in the privileged instruction table 25 is created and the code portion 35 is not privileged. In one embodiment, entries in the privileged instruction table 25 may also be made by an initial authority device comprising a hardware based state machine which may, or may not, be on the monolithic circuit 2.

Modification of the privileged instruction table 25 by addition, removal or alteration of entries may also be made by instructions which have previously been defined as privileged. In this case, suitable instructions are fetched from the instruction list 7 and transmitted to the privilege table filter 23. If the privilege table filter 23 receives a privilege level signal indicating that the instruction is privileged, then the instruction is transmitted via communication link 24 to the privileged instruction table 25 which is modified accordingly. If the instruction is not privileged then the privilege table filter 23 blocks the instruction and no entry in the privileged instruction table 25 is created.

In one embodiment, the program that performs the code verifying algorithms is stored in a ROM portion of the instruction list 7. In this case, the privileged instruction table 25 has a ROM portion which contains a reference to the ROM portion of the instruction list 7, thus defining the code verifying program as privileged. The code verifier 33 retrieves the code verifying program from the instruction list 7 and executes the code verifying algorithms. Alternatively, the code verifying program may be executed by the CPU 5.

Since the code verifier 33 executes code stored in ROM which cannot be overwritten and is created at the manufacturing stage, the code verifying program is privileged code which is trusted. The same holds for the public key 47 used by the code verifier 33: it must be fixed in ROM alongside the verifying program, since a replaceable public key would let an attacker sign code with a key of their own. Only those instructions which are correctly verified by the trusted code verifier 33 can be defined as privileged and become trusted themselves. The difficulty of generating correct code signatures 39 without knowledge of the secret key ensures that hackers are unable to insert and utilize illegitimate instructions, since the code verification will fail and the instructions will be blocked. Only privileged instructions are allowed to modify the contents of the privileged data table 3 and the privileged instruction table 25, so that the contents of the privileged data table 3 and the privileged instruction table 25 are in turn trusted. Finally, access to the data memory 1 and the ability to define instructions as privileged are restricted according to the contents of the privileged data table 3 and the privileged instruction table 25.
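The verification chain of FIG. 3 and the table updates it feeds, as an added software model covering the code verifier 33, the block form of the privileged instruction table 25, the instruction privilege identifier 27 and the privilege table filter 23. This is example code written for this page, not the patent's circuit. It uses SHA-256 in place of the MD5 the text names, and a textbook RSA signature over the digest with a toy modulus built from two well-known Mersenne primes so that it runs without a key generator; that modulus is public and there is no padding, so the block demonstrates the data flow only and is not a secure signature scheme. All class, function and constant names, the ROM region, the sample code bytes and the check that filtered code cannot grant a level above its own are assumptions made here.

```python
"""Model of the FIG. 3 code verification chain: hash, signature check, entry in the
privileged instruction table 25, the instruction privilege identifier 27 and the
privilege table filter 23. Added example, not the patent's circuit; names are
hypothetical. Textbook RSA over SHA-256 with a toy modulus: structure only, NOT secure."""
import hashlib
from dataclasses import dataclass
from typing import List, Tuple

# Toy RSA key pair. p and q are known primes, so n > 2**256 and any SHA-256 digest
# read as an integer is below n. Anyone can factor this n: for illustration only.
_P = 2 ** 127 - 1
_Q = 2 ** 521 - 1
N = _P * _Q
PUBLIC_KEY = 65537                                        # public key 47, in ROM on device
_SECRET_KEY = pow(PUBLIC_KEY, -1, (_P - 1) * (_Q - 1))    # secret key 45, signer only


def hash_code(code: bytes) -> int:
    """Hash transform 43 (SHA-256 instead of the MD5 named in the text)."""
    return int.from_bytes(hashlib.sha256(code).digest(), "big")


def sign_code(code: bytes, secret_key: int = _SECRET_KEY) -> int:
    """Signer's side of FIG. 3: hash, then 'encrypt' the hash with the secret key."""
    return pow(hash_code(code), secret_key, N)


@dataclass(frozen=True)
class CodePortion:
    start: int        # address of the portion 35 in the instruction list 7
    code: bytes
    signature: int    # code signature 39 stored with the portion


class PrivilegedInstructionTable:
    """Table 25 in its block form: (start, end, level) for each privileged region."""

    def __init__(self, rom_region: Tuple[int, int, int]) -> None:
        # The ROM portion holding the verifier program is fixed at manufacture.
        self._entries: List[Tuple[int, int, int]] = [rom_region]

    def add(self, start: int, end: int, level: int) -> None:
        if start > end:
            raise ValueError("region end precedes start")
        self._entries.append((start, end, level))

    def level_of(self, ip: int) -> int:
        """Instruction privilege identifier 27: window-compare the fetched instruction
        pointer against the table; code in no region gets level 0."""
        return max((lvl for s, e, lvl in self._entries if s <= ip <= e), default=0)


class CodeVerifier:
    """Code verifier 33, running from ROM with the ROM-resident public key."""

    def __init__(self, table: PrivilegedInstructionTable, public_key: int = PUBLIC_KEY) -> None:
        self.table = table
        self.public_key = public_key

    def verify(self, portion: CodePortion) -> bool:
        first = hash_code(portion.code)                        # hash value 41
        second = pow(portion.signature, self.public_key, N)    # hash value 48
        return first == second                                 # comparator 49

    def load(self, portion: CodePortion, level: int = 1) -> bool:
        """Create the table entry only when the signature verifies."""
        if not self.verify(portion):
            return False
        self.table.add(portion.start, portion.start + len(portion.code) - 1, level)
        return True


class PrivilegeTableFilter:
    """Filter 23 on link 24: fetched code may change the table only if the instruction
    pointer issuing the change is itself privileged. The extra check that it cannot
    grant a level above its own is an assumption of this example, not from the text."""

    def __init__(self, table: PrivilegedInstructionTable) -> None:
        self.table = table

    def request_add(self, requester_ip: int, start: int, end: int, level: int) -> bool:
        own = self.table.level_of(requester_ip)
        if own == 0 or level > own:
            return False
        self.table.add(start, end, level)
        return True
```

One caveat the model makes visible: the table entry certifies the bytes that were hashed at load time. If the instruction list is writable RAM, the verified region must be write-protected after loading (or re-verified before use), otherwise an attacker who overwrites it later inherits the entry's privilege.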

The code verifier 33 and instruction privilege identifier 27 act to verify portions of code 35 and to indicate the privilege status of this code 35 to other parts of the system, in particular those parts of the system which assign other portions of data as privileged. The present invention maintains the security of data access by ensuring that all potentially vulnerable software aspects of the system are trusted. It can be seen that an advantage of the present invention is to allow one portion of code to assign a privilege to another portion of code in a secure system, and in particular to perform this process dynamically.

Preferably, all hardware components of the system are contained on a single monolithic circuit 2 to prevent illegitimate replacement of components and maintain security. Any components which may not be on the monolithic circuit 2, for example the data memory 1 or instruction list 7, communicate with the monolithic circuit 2 only via encryption based communication links. Here, data to or from the off-chip components is encrypted using a secret key before it is transmitted along communication links to or from inputs or outputs on the monolithic circuit 2. This process protects vulnerable external communication links which may be transmitting privileged data. Encryption alone protects the confidentiality of the link; an off-chip instruction list relies on the code verification described above for its integrity, and off-chip privileged data should likewise be authenticated so that modified or replayed ciphertext is detected.

All of the above U.S. patents, U.S. patent application publications, U.S. patent applications, foreign patents, foreign patent applications and non-patent publications referred to in this specification and/or listed in the Application Data Sheet are incorporated herein by reference, in their entireties.

From the foregoing it will be appreciated that, although specific embodiments of the invention have been described herein for purposes of illustration, various modifications may be made without deviating from the spirit and scope of the invention. Accordingly, the invention is not limited except as by the appended claims.

1. A semiconductor integrated circuit for dynamically assigning a privilege level to portions of code, comprising: an instruction list for storing computer instructions as portions of code; a privileged instruction table for storing indications of privilege levels of the portions of code stored in the instruction list including portions of code used to modify contents of the privileged instruction table; and a privilege table filter arranged to receive a privilege level signal indicating the privilege level of one of the portions of code fetched from the instruction list and further arranged to either block or allow the execution of the fetched portion of code according to the privilege level of the fetched portion of code.

2. The semiconductor integrated circuit of claim 1 further comprising a hardware based initial authority device arranged to modify the contents of the privileged instruction table.

3. The semiconductor integrated circuit of claim 2 in which the initial authority device comprises a code verifier arranged to verify whether one of the portions of code stored in the instruction list is authentic and to modify the contents of the privileged instruction table according to the result of the verification.

4. The semiconductor integrated circuit of claim 3 in which the code verifier is arranged to verify portions of code using code signatures stored in association with the portions of code.

5. The semiconductor integrated circuit of claim 3 in which the code verifier is stored on ROM.

6. The semiconductor integrated circuit of claim 5 in which the code verifier is stored on a ROM portion of the instruction list.

7. The semiconductor integrated circuit of claim 6 in which the privileged instruction table contains an indication that the privilege level of the portion of code corresponding to the code verifier is the maximum privilege level.

8. The semiconductor integrated circuit of claim 7 in which the indication of the privilege level of the portion of code corresponding to the code verifier is stored on a ROM portion of the privileged instruction table.

9. The semiconductor integrated circuit of claim 1 in which the privilege table filter is arranged to block the execution of a portion of code if the privilege level of the portion of code falls below a threshold.

10. The semiconductor integrated circuit of claim 1, further comprising an instruction privilege identifier arranged to receive an identification of a portion of code being fetched from the instruction list, to determine the privilege level of the portion of code using information received from the privileged instruction table, and to transmit the privilege level signal according to the privilege level of the portion of code.

11. The semiconductor integrated circuit of claim 10 in which the privileged instruction table is a look up table arranged to store entries corresponding to portions of code stored in the instruction list, each entry comprising a memory address of a portion of code and an indication of the privilege level of the portion of code, and wherein the identification of a portion of code being fetched from the instruction list is the memory address of the portion of code.

12. The semiconductor integrated circuit of claim 11 in which the privileged instruction table is arranged to store start and end memory addresses of a portion of code for each entry in the privileged instruction table.

13. The semiconductor integrated circuit of claim 1 in which the instruction list is arranged to store instructions used to access data from a data memory.

14. The semiconductor integrated circuit of claim 1 in which a portion of code has more than one privilege level, each privilege level corresponding to a different data operation.

15. The semiconductor integrated circuit of claim 14 in which a portion of data has different privilege level indications for data read and data write operations.

16. The semiconductor integrated circuit of claim 1 in which a privilege level indicates the level of authentication which has been performed on the portion of code.

17. The semiconductor integrated circuit of claim 1 in which a privilege level indicates the time period for which the portion of code may access data.

18. The semiconductor integrated circuit of claim 1 in which a privilege level indicates data which the portion of code is allowed to access.

19. The semiconductor integrated circuit according to claim 1 in which the circuit is a monolithic circuit.

20. A pay television system, comprising: an instruction list for storing computer instructions as portions of code; a privileged instruction table for storing indications of privilege levels of the portions of code stored in the instruction list including portions of code used to modify contents of the privileged instruction table; and a privilege table filter arranged to receive a privilege level signal indicating the privilege level of one of the portions of code fetched from the instruction list and further arranged to either block or allow the execution of the fetched portion of code according to the privilege level of the fetched portion of code.

21. A semiconductor integrated circuit for restricting access to stored data in which computer instructions are used to access data, comprising: a data memory for storing data, at least a portion of which is privileged; a privileged data table for storing an indication of which regions of the data memory contain privileged data; and a privilege rule enforcer arranged to receive information contained in the privileged data table at a first input, and to receive a rule signal at a second input representative of a data selection rule, and to receive a privilege level signal at a third input indicating whether an instruction is privileged, and to selectively block instructions according to the first, second, and third inputs.

22. The semiconductor integrated circuit of claim 21 in which the rule signal is generated by a rule table arranged to store one or more selection rules.

23. The semiconductor integrated circuit of claim 21 in which the rule signal is defined so that instructions not stored on ROM have a more restricted access to data than instructions stored on ROM.

24. The semiconductor integrated circuit of claim 21 in which the rule signal is defined so that the instructions stored on ROM have full access to all data within the system.
 25. The semiconductor integrated circuit of claim 21 inwhich the rule signal is defined so that instructions not stored on ROMhave only read-only access to data.
 26. The semiconductor integratedcircuit of claim 21 in which the privileged data table is a lookuptable.
 27. The semiconductor integrated circuit of claim 21 in which theprivileged data table stores a list of start and end memory addresses ofthose regions of the data memory which contain privileged data.
 28. Thesemiconductor integrated circuit of claim 21 in which the privilegeddata table contains an indication of the privilege level of portions ofdata stored in the data table.
 29. The semiconductor integrated circuitof claim 21 in which the privilege level of data indicates whichinstructions are allowed to access the data.
 30. The semiconductorintegrated circuit of claim 21 in which the privilege level of data isrepresented by a numerical value.
 31. The semiconductor integratedcircuit of claim 21 in which data having a first privilege level is onlyaccessible by those instructions having a second privilege level equalto or above the first privilege level.
 32. The semiconductor integratedcircuit of claim 21 in which the data memory is at least one of RAM,flash memory, hard disk drive or on-chip memory.
 33. The semiconductorintegrated circuit of claim 21 in which the privilege rule enforcer is awindow comparator.
 34. The semiconductor integrated circuit claim 21further comprising a privilege table filter arranged to receive aprivilege level signal at an input indicating the privilege level of aninstruction and to selectively block instructions which attempt tomodify the contents of the privileged data table according to theprivilege level input.
 35. The semiconductor integrated circuit of claim21 in which the circuit is a monolithic circuit.
 36. A pay televisionsystem that restricts access to stored data in which computerinstructions are used to access data, comprising: a data memory forstoring data, at least a portion of which is privileged; a privilegeddata table for storing an indication of which regions of the data memorycontain privileged data; and a privilege rule enforcer arranged toreceive information contained in the privilege data table at a firstinput, and to receive a rule signal at a second input representative ofa data selection rule, and to receive a privilege level signal at athird input indicating whether an instruction is privileged, and toselectively block instructions according to the first, second, and thirdinputs.
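As an added illustration (not the patent's own circuit or any code from it), the following C model ties together the elements recited in claims 11, 12, 15 and 21 through 33: start/end address tables consulted by window comparators, per-operation read and write levels on data regions, a numeric "instruction level must be at least the data level" rule, and a rule signal that makes code outside ROM read-only. The table contents, the ROM address window and the rule encoding are all constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
/* Constructed software model of the claimed privilege rule enforcer. Tables
 * are searched with window comparators; an access passes only if the level
 * of the fetching instruction is at least the data region's level for that
 * operation, after the rule signal has been applied. */
enum op { OP_READ, OP_WRITE };
enum rule { RULE_NONE, RULE_NON_ROM_READ_ONLY }; /* rule signal, claim 25 style */
struct data_region { uint32_t start, end; int read_level, write_level; };
struct code_region { uint32_t start, end; int level; };
/* Constructed sample tables and a constructed ROM window. */
#define ROM_START 0x0000u
#define ROM_END   0x0FFFu
static const struct data_region priv_data[] = {
    { 0x8000, 0x80FF, 2, 3 },   /* e.g. a key store: level 2 to read, 3 to write */
    { 0x9000, 0x9FFF, 1, 1 },
};
static const struct code_region priv_code[] = {
    { 0x0100, 0x01FF, 3 },      /* verified routine living in ROM */
    { 0x2000, 0x20FF, 2 },      /* verified routine loaded outside ROM */
};
/* Window comparator: is addr within the closed range [start, end]? */
static bool in_window(uint32_t addr, uint32_t start, uint32_t end) {
    return addr >= start && addr <= end;
}
/* Instruction privilege identifier: level of the code at pc, 0 if unverified. */
int instruction_level(uint32_t pc) {
    for (size_t i = 0; i < sizeof priv_code / sizeof priv_code[0]; i++)
        if (in_window(pc, priv_code[i].start, priv_code[i].end))
            return priv_code[i].level;
    return 0;
}
/* Privilege rule enforcer: true if the access by code at pc is allowed. */
bool access_allowed(uint32_t pc, uint32_t addr, enum op op, enum rule rule) {
    int ilevel = instruction_level(pc);
    bool from_rom = in_window(pc, ROM_START, ROM_END);
    if (rule == RULE_NON_ROM_READ_ONLY && !from_rom && op == OP_WRITE)
        return false;                      /* rule signal: non-ROM code is read-only */
    for (size_t i = 0; i < sizeof priv_data / sizeof priv_data[0]; i++) {
        if (!in_window(addr, priv_data[i].start, priv_data[i].end)) continue;
        int needed = op == OP_READ ? priv_data[i].read_level : priv_data[i].write_level;
        return ilevel >= needed;           /* claim 31: instruction level >= data level */
    }
    return true;                           /* address is not in a privileged region */
}
```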